tags:

views:

134

answers:

5
+2  Q: 

Launching win32 native executable from public web site

I've been presented with an architectural challenge and am looking for ideas.

Customer has an existing win32 native application that they are pretty resistant to changing in any but trivial ways. It is written in unmanaged c++ and uses at least one 3rd party dll so it is not a stand alone exe. What it is doesn't matter much, think of it as a customer support communication tool. Ideally the customer wants to launch this from a web site rather than publish it as an installable program. Additionally the customer needs to pass a token to the executable when it executes so it can call home and ask for more instructions.

I will go ahead and concede that how the application would be launched should have been among the first design considerations, not the last -- but it is what it is.

Security concerns over malware, spyware, trojans and the like make this a very unlikely distribution model. I have more experience in not doing this than finding a legitimate way to accomplish it.

Any ideas (positive or negative) are welcome.

A: 

Have you looked into ClickOnce?

lod3n  2009-10-02 18:00:26
It would be possible to create a managed wrapper app that included the unmanaged application as part of the payload and use Process to start the native app. But this would still be installing the app locally and they don't want it installed, they just want it launched. :(
ongle  2009-10-02 18:11:15
A: 

You can try creating an ActiveX control that will download your executable and run it, but this unfortunately limits you to IE. It also creates an additional install/run step for the control on the web page. This might not be acceptable to some of your customers if they have policies around users downloading and running ActiveX controls.

You can also try packaging the exe and it's dependencies as a resource in another exe. The user can download and run this from the web page which extracts the executable and dependencies and runs them. This might be a bit more direct than the ActiveX route, but can still have some of the same limitations around security policies.

You're not going to find a simple solution to this unfortunately - running arbitrary native code from a website is hard by design.

Michael  2009-10-02 18:02:37
I too have considered the browser plugin route but I don't think they are going to like it. Explaining that this is "hard by design" wasn't received with much enthusiasm.
ongle  2009-10-02 18:16:35
So . . . they basically want you to figure out a browser exploit that will hopefully never get patched?
Michael  2009-10-02 18:20:03
They aren't really looking at it that way, they just aren't web savvy. But I see your point. I have no interest in using an exploit to do this, it must be done in a legitimate way acceptable to corporate clients.
ongle  2009-10-02 18:25:18
+1  A: 

I can't offer any advise on launching an app that is installed upon the Users' PC. So maybe someone will offer advice on that.

However, there is the alternative solution of installing the application upon your server. You can then write some code that can access the data and display via HTML. This would ideally be easily achieveable with the favoured API's, Web Services and other dohickeys. But I guess that isn't a potential solution?

Your other option is a product similar to some of the integration products from NDL MetaScype.

Their product is effectively a screen-scraping software that basically opens the app and runs what for-all-intents-and-purposes, is a macro. The benefit of this is that all business logic is retained (i.e. you're effectively typing into a field and if that field comes back with an error on the system - your web app should find out too.

Good luck - I think you'll find it remarkably tricky without getting users to alter their security settings for your specific site.

Amadiere  2009-10-02 18:02:52
They are set on using the app in its current form. If I could rewrite it, I could architect it with the web in mind and this would be a non issue. The app doesn't translate to HTML well, so screen-scraping wouldn't help much. :(
ongle  2009-10-02 18:22:20
I'd suggest that screenscraping is better than you'd imagine and it'd be fine dealing with your app. I'd be inclined to think the same way as you though about it's compatibility. If you can't rewrite it, I think this is quite a valid option still. (I appreciate this want yourquestion, but I thought I'd mention it still. :)
Amadiere  2009-10-03 11:07:06
+2  A: 

Convince the client to let your company fix the original design flaw, most likely at your own expense. Apologize. A LOT.

Jon Seigel  2009-10-02 18:37:24
I am a very late player to the game and had nothing to do with the design or development of the app. If I had, I would be apologizing. *a lot*.
ongle  2009-10-02 18:39:04
I wasn't blaming you for that (by 'you' I meant your company -- I'll edit the original message). The client wants what they want, and the it's your company's problem to fix.
Jon Seigel  2009-10-02 18:52:42
Heh, no worries. :) I'd apologize to most anybody for an answer.
ongle  2009-10-02 18:59:34
A: 

I'm not entirely sure I understand the situation, but it sounds like one option might be to run the application on a server and then use Citrix to enable the client's pcs to access the application like thin clients. My university does this with a number of programs (like Photoshop, for example). I'm not able to access the application to install it, but I can download a small file that launches Citrix and runs the application. The application always has windows-like controls, even though I'm running a Mac. Of course, I still had to install Citrix, so maybe there's not much benefit in going this route, but it might be an easier compromise than some of your other options.

A second, crazier idea would be to integrate the installer into the app so that when it launches for the first time, it installs itself, then starts itself. Then just tell the customer it takes a long time to start for the first time.

Please clarify if my answers suggest I don't understand the problem. I'm quite curious to learn more about the situation.

notJim  2009-10-03 00:18:30
I see now that my second option was more or less suggested by Michael.
notJim  2009-10-03 00:19:30
The client application has to run locally in order to interact with local hardware. And as you say it would still require installing a client that would not typically already be installed. :(
ongle  2009-10-03 00:54:37
Aren't you basically asking for the ability to install an app locally without installing it locally, then? I feel like there must have been some hugely fundamental breakdown in communication between your company and the client for you to even be in this situation. It would be like if I told you I wanted a small economy car for just me, and you came back to me with a train car.
notJim  2009-10-03 01:03:00
Actually, they don't want to install it -- just launch it.
ongle  2009-10-03 04:31:42

related questions

What is the best architecture to bridge to XMPP?
How to expose a collection property?
How do you build a ratings implementation?
Alternative "architectural" approaches to javaScript client code?
Split data access class into reader and writer or combine them?
Guide to choosing between REST vs SOAP services?
Best architecture for handling file system changes?
Globalization architecture
How Did You Decide Between WISA and LAMP?
Best Blogs for Software Architecture
Experience documentation about Shared Nothing Architecture
Agile architectures
VS.NET Application Diagrams
Documenting program architecture
Books for software architect
How do you do system integration?
Design debate: what are good ways to store and manipulate versioned objects?
Passing more parameters in C function pointers
Send messages to program through command line
Interfaces on different logic layers
How to structure a java application, in other words: where do I put my classes?
Are there any negative reasons to use an N-Tier solution?
Linux - files and scripts that execute on boot
Good STL-like library for C.
Best way to allow plugins for a PHP application